Re: Login attacks

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yes, I have actually received responses.  Not from China or Korea though, only from the US.  I will correct myself.  I said I contact the ISPs.  What I actually end up doing is contacting the company unless  I cannot associate the address to a company, in which I contact the ISP.

Like I said though, once I have seen attempts from a range of ip addresses owned by the same company or ISP three or more times, I block the entire range.  This prevents any more attempts.
Nathaniel Hall, GSEC
Intrusion Detection and Firewall Technician
Ozarks Technical Community College -- Office of Computer Networking

halln@xxxxxxx
417-447-7535


Eucke Warren wrote: 
----- Original Message ----- 
From: Nathaniel Hall
To: For users of Fedora Core releases
Sent: Tuesday, December 07, 2004 2:52 PM
Subject: Re: Login attacks


I see attempts about every other day.  Because of this, I send e-mails to
    
ISPs about every other day.

Ok, this brings up a question I have.  I, too, have emailed the responsible
parties for the offending addresses.  Korea and China usually are the
countries from which the IP addresses are allocated.  Has ANYONE ever
received a  reply back?  I never have.  I am beginning to suspect that the
attacks are done with the tacit approval of those networks.
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux